exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

ISS Security Alert Summary August 14, 1998

ISS Security Alert Summary August 14, 1998
Posted Jul 15, 1999

ISS Security Alert Summary for August 14, 1998.

SHA-256 | cf4f7be9725626568653cd8f5072e2b42a32503f1df7999f9c4f044dff571ed9

ISS Security Alert Summary August 14, 1998

Change Mirror Download

I S S X - F o r c e

The Most Wanted Alert List

[1]News | [2]Serious Fun | [3]Mail Lists | [4]Security Library
[5]Protoworx | [6]Alerts | [7]Submissions | [8]Feedback
[9]Advanced Search

_ Alert Summaries_

ISS Security Alert Summary
August 14, 1998
Volume 2 Number 9

X-Force Vulnerability and Threat Database: [10]http://www.iss.net/xforce To
receive these Alert Summaries, subscribe to the ISS Alert mailing list.
Send an email to [11]majordomo@iss.net, and within the body of the message
type: 'subscribe alert'.


[12]Top of Page || [13]Back to Alert List

___

Contents

5 Reported Vulnerabilities
- [14]BO-backdoor
- [15]Sun-libauth
- [16]OpenBSD-chpass
- [17]Notes-retrieve
- [18]Exchange-DoS

Risk Factor Key


[19]Top of Page || [20]Back to Alert List

___


Date Reported: 8/6/98
Vulnerability: BO-backdoor
Platforms Affected: Windows 95
Risk Level: High

A hacker group known as the Cult of the Dead Cow has released a Windows
95/98 backdoor named 'Back Orifice' (BO). Once installed, this backdoor
lets unauthorized users execute privileged operations on the affected
machine.

Back Orifice leaves evidence of its existence and can be detected and
removed. The communications protocol and encryption used by this backdoor
has been broken by ISS X-Force.

Reference:
ISS Security Alert Advisory: "Cult of the Dead Cow Back Orifice Backdoor"
at [21]http://www.iss.net/xforce/alerts/advise5.html


[22]Top of Page || [23]Back to Alert List

___


Date Reported: 8/4/98
Vulnerability: Sun-libauth
Platforms Affected: Solaris (2.2, 2.3, 2.4, 2.5, 2.5.1, 2.6)
Risk Level: High

Two buffer overflows have been found in Sun Microsystem's libauth library
that could allow a local user to overwrite the buffer and execute commands.
Depending on the system's configuration, it could be possible for the
attacker to gain root access.

Reference:
RSI Alert Advisory RSI.0007.05-26-98.SUN.LIBAUTH: "Sun Microsystem's
library libauth" at [24]http://www.repsec.com/advisory/0007.html


[25]Top of Page || [26]Back to Alert List

___


Date Reported: 8/3/98
Vulnerability: OpenBSD-chpass
Platforms Affected: OpenBSD (2.3 and below)
Risk Level: High

The chpass command lets unprivileged users edit database information
associated with their account. A vulnerability in chpass could allow an
attacker to change the account information associated with the root
account, and gain superuser access.

Reference:
Network Associates, Inc. Security Advisory #28: "Vulnerability in OpenBSD
2.3 chpass(1)" at [27]http://www.nai.com


[28]Top of Page || [29]Back to Alert List

___


Date Reported: 7/31/98
Vulnerability: Notes-retrieve
Platforms Affected: Lotus Notes 4.6+
Risk Level: High

The L0pht has released an advisory concerning a vulnerability in the Lotus
Notes 4.6 client. This vulnerability could allow a remote attacker to
create files, overwrite files, and retrieve databases. Some Lotus Notes
databases contain sensitive company information and would be a major
security breach if obtained.

Reference:
L0pht Security Advisory: "Application: Notes 4.6+ Client: Users can
overwrite/create system files" at [30]http://www.l0pht.com/advisories/nny.txt


[31]Top of Page || [32]Back to Alert List

___


Date Reported: 7/24/98
Vulnerability: Exchange-DoS
Platforms Affected: Microsoft Exchange (5.0 to 5.5)
Risk Level: High

A vulnerability has been found that would allow an attacker to disrupt an
organization by crashing Microsoft Exchange Server over the network. This
attack will stop e-mail and other services that Exchange provides for the
organization.

References:
ISS Security Alert Advisory: "Denial of Service attacks against Microsoft
Exchange 5.0 to 5.5" at [33]http://www.iss.net/xforce/alerts/advise4.html

CIAC Information Bulletin I-080: "Microsoft Exchange Denial of Service
Attacks" at [34]http://www.ciac.org/ciac/bulletins/i-080.shtml


[35]Top of Page || [36]Back to Alert List

___


Risk Factor Key:

High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.


Internet Security Systems, Inc. is the leading provider of adaptive network
security monitoring, detection and response software that protects the
security and integrity of enterprise information systems. By dynamically
detecting and responding to security vulnerabilities and threats inherent
in open systems, ISS's SAFEsuite family of products provide protection
across the enterprise, including the Internet, extranets, and internal
networks, from attacks, misuse and security policy violations. The Company
has delivered its adaptive network security solutions to organizations
worldwide, including firms in the Global 2000, 9 of the ten largest U.S.
commercial banks and over 35 governmental agencies. For more information,
call ISS at 678-443-6000 or 800-776-2362 or visit the ISS Web site at
[37]http://www.iss.net.


[38]Top of Page || [39]Back to Alert List

___

Copyright (c) 1998 by Internet Security Systems, Inc. Permission is hereby
granted for the redistribution of this Alert Summary electronically. It is
not to be edited in any way without express consent of X-Force. If you
wish to reprint the whole or any part of this Alert Summary in any other
medium excluding electronic medium, please email [40]xforce@iss.net for
permission.

Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There are
NO warranties with regard to this information. In no event shall the author
be liable for any damages whatsoever arising out of or in connection with
the use or spread of this information. Any use of this information is at
the user's own risk.

X-Force PGP Key available at: [41]http://www.iss.net/xforce/sensitive.html as
well as on MIT's PGP key server and PGP.com's key server.

Please send suggestions, updates, and comments to:
X-Force xforce@iss.net

> of Internet Security Systems, Inc.

[42]News | [43]Serious Fun | [44]Mail Lists | [45]Security Library
[46]Protoworx | [47]Alerts | [48]Submissions | [49]Feedback
[50]Advanced Search

[51]About the Knowledge Base

Copyright ©1994-1998 Internet Security Systems, Inc.
All Rights Reserved. Sales Inquiries: [52]sales@iss.net
6600 Peachtree-Dunwoody Rd · Bldg 300 · Atlanta, GA 30328
Phone (678) 443-6000 · Fax (678) 443-6477

Read our [53]privacy guidelines.

References

1. http://xforce.iss.net/news.php3
2. http://xforce.iss.net/seriousfun/
3. http://xforce.iss.net/maillists/
4. http://xforce.iss.net/library/
5. http://xforce.iss.net/protoworx/
6. http://xforce.iss.net/alerts/
7. http://xforce.iss.net/submission.php3
8. http://xforce.iss.net/feedback.php3
9. http://xforce.iss.net/search.php3
10. http://www.iss.net/xforce
11. mailto:majordomo@iss.net
12. http://xforce.iss.net/alerts/vol-2_num-9.php3#list
13. http://xforce.iss.net/alerts/alerts.php3
14. http://xforce.iss.net/alerts/vol-2_num-9.php3#BO-backdoor
15. http://xforce.iss.net/alerts/vol-2_num-9.php3#Sun-libauth
16. http://xforce.iss.net/alerts/vol-2_num-9.php3#OpenBSD-chpass
17. http://xforce.iss.net/alerts/vol-2_num-9.php3#Notes-retrieve
18. http://xforce.iss.net/alerts/vol-2_num-9.php3#Exchange-DoS
19. http://xforce.iss.net/alerts/vol-2_num-9.php3#list
20. http://xforce.iss.net/alerts/alerts.php3
21. http://www.iss.net/xforce/alerts/advise5.html
22. http://xforce.iss.net/alerts/vol-2_num-9.php3#list
23. http://xforce.iss.net/alerts/alerts.php3
24. http://www.repsec.com/advisory/0007.html
25. http://xforce.iss.net/alerts/vol-2_num-9.php3#list
26. http://xforce.iss.net/alerts/alerts.php3
27. http://www.nai.com/
28. http://xforce.iss.net/alerts/vol-2_num-9.php3#list
29. http://xforce.iss.net/alerts/alerts.php3
30. http://www.l0pht.com/advisories/nny.txt
31. http://xforce.iss.net/alerts/vol-2_num-9.php3#list
32. http://xforce.iss.net/alerts/alerts.php3
33. http://www.iss.net/xforce/alerts/advise4.html
34. http://www.ciac.org/ciac/bulletins/i-080.shtml
35. http://xforce.iss.net/alerts/vol-2_num-9.php3#list
36. http://xforce.iss.net/alerts/alerts.php3
37. http://www.iss.net/
38. http://xforce.iss.net/alerts/vol-2_num-9.php3#list
39. http://xforce.iss.net/alerts/alerts.php3
40. mailto:xforce@iss.net
41. http://www.iss.net/xforce/sensitive.html
42. http://xforce.iss.net/news.php3
43. http://xforce.iss.net/seriousfun/
44. http://xforce.iss.net/maillists/
45. http://xforce.iss.net/library/
46. http://xforce.iss.net/protoworx/
47. http://xforce.iss.net/alerts/
48. http://xforce.iss.net/submission.php3
49. http://xforce.iss.net/feedback.php3
50. http://xforce.iss.net/search.php3
51. http://xforce.iss.net/about.php3
52. http://xforce.iss.net/cgi-bin/getSGIInfo.pl
53. http://xforce.iss.net/privacy.php3
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close